https://bugzilla.mindrot.org/show_bug.cgi?id=3277
Damien Miller <djm@mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm@mindrot.org
--- Comment #3 from Damien Miller <djm@mindrot.org> ---
I'm inclined to agree and to not add additional checking - ssh should
aim to protect the user against misconfiguration, but it's IMO overkill
to detect serious admin misconfiguration.
On one hand, as Darren points out, a too strict definition of
"misconfiguration" might break working setups.
On the other, how far should a user tool go towards checking the system
is in an expected state? Should it check the permissions on
/etc/passwd? /dev/*? etc.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
Damien Miller <djm@mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm@mindrot.org
--- Comment #3 from Damien Miller <djm@mindrot.org> ---
I'm inclined to agree and to not add additional checking - ssh should
aim to protect the user against misconfiguration, but it's IMO overkill
to detect serious admin misconfiguration.
On one hand, as Darren points out, a too strict definition of
"misconfiguration" might break working setups.
On the other, how far should a user tool go towards checking the system
is in an expected state? Should it check the permissions on
/etc/passwd? /dev/*? etc.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs